36761376ccf1b403911b410a8ac4d03abe752a4c684c06bbd8dcc3d1bfe94027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36761376ccf1b403911b410a8ac4d03abe752a4c684c06bbd8dcc3d1bfe94027.exe
Size

477KB
Sample

240703-efbshswdqe
MD5

6a77ec6cbfa7487fffd6fed70314e1c0
SHA1

1cc9989287aebbf3ef120e99a05661f5a213e067
SHA256

36761376ccf1b403911b410a8ac4d03abe752a4c684c06bbd8dcc3d1bfe94027
SHA512

26a711625bdb3f909d001155ed3cebfdb5cec7e5d6b0bb9ce4e9e9c987382f98bf3ac08db5be939fd0d42b43e2a24a036ede890316cac4bb8b5b9f71afb296a8
SSDEEP

1536:ur3Z5IfQmv81a1xyXHZ+NGQSLNmCm6oyz7jBd7qDmbNPMJAVC+++HttttA:yJOfQm01mxyXHZKG7pm6j77vttttA

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  36761376ccf1b403911b410a8ac4d03abe752a4c684c06bbd8dcc3d1bfe94027.exe
- Size
  
  477KB
- MD5
  
  6a77ec6cbfa7487fffd6fed70314e1c0
- SHA1
  
  1cc9989287aebbf3ef120e99a05661f5a213e067
- SHA256
  
  36761376ccf1b403911b410a8ac4d03abe752a4c684c06bbd8dcc3d1bfe94027
- SHA512
  
  26a711625bdb3f909d001155ed3cebfdb5cec7e5d6b0bb9ce4e9e9c987382f98bf3ac08db5be939fd0d42b43e2a24a036ede890316cac4bb8b5b9f71afb296a8
- SSDEEP
  
  1536:ur3Z5IfQmv81a1xyXHZ+NGQSLNmCm6oyz7jBd7qDmbNPMJAVC+++HttttA:yJOfQm01mxyXHZKG7pm6j77vttttA
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2